Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 11, 2026, 6:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
225851 6.8 警告 henning stoverud - PHPhotoalbum の upload.php における任意のコードを実行される脆弱性 CWE-Other
その他 		CVE-2009-4819 2012-12-20 19:28 2010-04-27 Show GitHub Exploit DB Packet Storm
225852 6.8 警告 phpsimplicity - PHPSimplicity Simplicity oF Upload の upload.php における任意の PHP コードを実行される脆弱性 CWE-Other
その他 		CVE-2009-4818 2012-12-20 19:28 2010-04-27 Show GitHub Exploit DB Packet Storm
225853 4 警告 Rhino Software - Serv-U におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2009-4815 2012-12-20 19:28 2010-04-27 Show GitHub Exploit DB Packet Storm
225854 4.3 警告 wolfram - Wolfram Research webMathematica におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-4814 2012-12-20 19:28 2010-04-27 Show GitHub Exploit DB Packet Storm
225855 5 警告 wolfram - Wolfram Research webMathematica における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2009-4812 2012-12-20 19:28 2010-04-27 Show GitHub Exploit DB Packet Storm
225856 7.5 危険 samhain labs - Samhain の SRP 実装における認証を回避される脆弱性 CWE-20
不適切な入力確認 		CVE-2009-4810 2012-12-20 19:28 2010-04-23 Show GitHub Exploit DB Packet Storm
225857 5 警告 EFS Software - EFS Web Server の thumbnail.ghp におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2009-4809 2012-12-20 19:28 2010-04-23 Show GitHub Exploit DB Packet Storm
225858 6.8 警告 will kraft - EZ-Blog における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-4805 2012-12-20 19:28 2010-04-23 Show GitHub Exploit DB Packet Storm
225859 7.5 危険 will kraft - EZ-Blog における任意の投稿を作成される脆弱性 CWE-287
不適切な認証 		CVE-2009-4801 2012-12-20 19:28 2010-04-23 Show GitHub Exploit DB Packet Storm
225860 4 警告 Codeorigin - Sysax Multi Server におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2009-4800 2012-12-20 19:28 2010-04-22 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 12, 2026, 5:06 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
198091 7.8 HIGH
Local 		webroot endpoint_agents Webroot endpoint agents prior to version v9.0.28.48 did not protect the "%PROGRAMDATA%\WrData\PKG" directory against renaming. This could allow attackers to trigger a crash or wait upon Webroot servi… CWE-732
 Incorrect Permission Assignment for Critical Resource 		CVE-2020-5755 2024-11-21 14:34 2020-06-16 Show GitHub Exploit DB Packet Storm
198092 9.1 CRITICAL
Network 		webroot endpoint_agents Webroot endpoint agents prior to version v9.0.28.48 allows remote attackers to trigger a type confusion vulnerability over its listening TCP port, resulting in crashing or reading memory contents of … CWE-843
Type Confusion 		CVE-2020-5754 2024-11-21 14:34 2020-06-16 Show GitHub Exploit DB Packet Storm
198093 8.8 HIGH
Network 		plex media_server Improper Access Control in Plex Media Server prior to June 15, 2020 allows any origin to execute cross-origin application requests. NVD-CWE-noinfo
CVE-2020-5742 2024-11-21 14:34 2020-06-16 Show GitHub Exploit DB Packet Storm
198094 8.1 HIGH
Network 		pivotal_software spring_batch When configured to enable default typing, Jackson contained a deserialization vulnerability that could lead to arbitrary code execution. Jackson fixed this vulnerability by blacklisting known "deseri… CWE-502
 Deserialization of Untrusted Data 		CVE-2020-5411 2024-11-21 14:34 2020-06-12 Show GitHub Exploit DB Packet Storm
198095 8.8 HIGH
Network 		zenphoto zenphoto Zenphoto versions prior to 1.5.7 allows an attacker to conduct PHP code injection attacks by leading a user to upload a specially crafted .zip file. CWE-94
Code Injection 		CVE-2020-5593 2024-11-21 14:34 2020-06-11 Show GitHub Exploit DB Packet Storm
198096 6.1 MEDIUM
Network 		zenphoto zenphoto Cross-site scripting vulnerability in Zenphoto versions prior to 1.5.7 allows remote attackers to inject an arbitrary JavaScript via unspecified vectors. CWE-79
Cross-site Scripting 		CVE-2020-5592 2024-11-21 14:34 2020-06-11 Show GitHub Exploit DB Packet Storm
198097 6.7 MEDIUM
Local 		dell latitude_5300_firmware
latitude_5300_2-in-1_firmware
latitude_5400_firmware
latitude_5401_firmware
latitude_5500_firmware
latitude_5501_firmware
latitude_7200_2_in_1_firmware
lat… 		Select Dell Client Consumer and Commercial platforms include an issue that allows the BIOS Admin password to be changed through Dell's manageability interface without knowledge of the current BIOS Ad… NVD-CWE-Other
CVE-2020-5363 2024-11-21 14:34 2020-06-11 Show GitHub Exploit DB Packet Storm
198098 8.8 HIGH
Adjacent 		sony wf-1000x_firmware
wf-sp700n_firmware
wh-1000xm2_firmware
wh-1000xm3_firmware
wh-ch700n_firmware
wh-h900n_firmware
wh-xb700_firmware
wh-xb900n_firmware
wi-1000x_firmware
wi-… 		SONY Wireless Headphones WF-1000X, WF-SP700N, WH-1000XM2, WH-1000XM3, WH-CH700N, WH-H900N, WH-XB700, WH-XB900N, WI-1000X, WI-C600N and WI-SP600N with firmware versions prior to 4.5.2 have vulnerabili… CWE-306
Missing Authentication for Critical Function 		CVE-2020-5589 2024-11-21 14:34 2020-06-9 Show GitHub Exploit DB Packet Storm
198099 7.5 HIGH
Network 		xack xack_dns XACK DNS 1.11.0 to 1.11.4, 1.10.0 to 1.10.8, 1.8.0 to 1.8.23, 1.7.0 to 1.7.18, and versions before 1.7.0 allow remote attackers to cause a denial of service condition resulting in degradation of the … CWE-674
 Uncontrolled Recursion 		CVE-2020-5591 2024-11-21 14:34 2020-06-6 Show GitHub Exploit DB Packet Storm
198100 7.5 HIGH
Network 		vmware spring_cloud_config Spring Cloud Config, versions 2.2.x prior to 2.2.3, versions 2.1.x prior to 2.1.9, and older unsupported versions allow applications to serve arbitrary configuration files through the spring-cloud-co… CWE-22
Path Traversal 		CVE-2020-5410 2024-11-21 14:34 2020-06-3 Show GitHub Exploit DB Packet Storm